Re: XPath Filter 2.0 Support? (XML Digital Signatures)
- From: "clintonG" <nobody@xxxxxxxxxxx>
- Date: Sat, 29 Sep 2007 22:52:18 -0500
I'm in the same boat Tim trying to get working on a fillable forms project.
I'm still in the "where's our proposal" stage and no previous experience in
this niché trying to figure out what to do without any requirements to speak
of. After three weeks in and I finally learn I'm expected to work with
digitized signature capture using a SignatureGem LCD 1x5 signature pad
integrated using Topaz [1] that is supposed to result in a digital signature
when using Acrobat Reader as the fillable forms client.
I wish there were something I could add to bring insight to your dilemma but
I'm still several steps behind and hope you let us know what if anything
you've figured out.
<%= Clinton Gallagher
[1] http://www.topazsystems.com/
"Tim Davis" <tdavis34@xxxxxxxxxxx> wrote in message
news:46faaa9d$0$11000$4c368faf@xxxxxxxxxxxxxxxxx
Hello all,
I am working with Adobe LiveCycle Designer 8.1 to create forms that the
user
will sign with their X.509 Certificate and submit electronically to a
generic .NET HTTP handler (ASHX). I have done some work in both creating
and
verifying digital signatures, but I have run into an issue that I'm hoping
someone else has seen. Adobe's XML Digital Signatures seem to use the
XML-Signature XPath Filter 2.0
(http://www.w3.org/TR/2002/PR-xmldsig-filter2-20020827/Overview.html), but
there doesn't seem to be a corresponding .NET Framework class to support
this transform, and the SignedXml.LoadXml() call fails when I try to
specify
an XML element containing a Transform with the Algorithm ID
"http://www.w3.org/2002/06/xmldsig-filter2";.
Does anyone know where I can get a class that will support this
transformation, such that I can check Adobe-generated XML Digital
Signatures? It's also fine if someone knows a way to instruct Adobe not to
use this Transform when creating the Signature. Least desirable but also a
last-resort option is for someone to provide guidance on "rolling my own"
such Transform.
TIA,
Tim
Here's what I'm getting:
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#";
Id="datasignature_1">
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#iddb88862c-6627-11dc-8d00-000c6e541685"
Type="http://www.w3.org/2000/09/xmldsig#SignatureProperties";>
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>CP/cXdv2OcTnq7bKaWOgOSR9N8g=</DigestValue>
</Reference>
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2";>
<XPath xmlns="http://www.w3.org/2002/06/xmldsig-filter2";
xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";
Filter="intersect">here()/ancestor::dsig:Signature[1]/../../form1[1]//. |
here()/ancestor::dsig:Signature[1]/../../form1[1]//@* |
here()/ancestor::dsig:Signature[1]/../../form1[1]//namespace::*</XPath>
</Transform>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>IIiJsLFvk2HvWO+roUQwC0P/ODw=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>
.
.
.
.
- References:
- XPath Filter 2.0 Support? (XML Digital Signatures)
- From: Tim Davis
- XPath Filter 2.0 Support? (XML Digital Signatures)
- Prev by Date: Re: Page caching and loginview / membership
- Next by Date: Easiest way to test if asp is working correctly?
- Previous by thread: XPath Filter 2.0 Support? (XML Digital Signatures)
- Next by thread: feedback please on asp.net app security scenario
- Index(es):
Relevant Pages
|
|
